tv The Communicators CSPAN October 23, 2010 6:30pm-7:00pm EDT
.net. there are other top-level registries for other domains. there are other registries .orgs or other countries. >> what about a company like to go and daddy? do they compete with you -- like go daddy? did they compete with you? >> no, they are one of our partners. if you think of it in terms of we are the wholesaler and they are a retailer. >> so you have a monopoly? >> we do. it is a technical monopoly. >> where does your money come from? >> the business model is fairly simple. if you purchase a domain name
from one of the registrars, they then turn around and pay as an annual fee to implement that name. >> how many internet domains are their total today that you have a hand in? >> about 100 million. >> and you get a cut from each of those? >> we are paid a set fee on an annual basis. >>'s increase is important to you? >> we like that. >> are you recession-proof? >> to the extent that the internet is. one of the things we saw in the .com moble is that the internet
usage goes upper -- during the.com bubble is that the internet usage goes up during a recession. >> how did you get in the position of being a wholesaler? >> there is a lot of history there. the basics are that the government at one point offered us a contract, and to the predecessor of this company, and we have maintained since that time. >> it is a yearly contract? >> it runs on six year terms. whom? signed by hi >> there are two entities. but one grants the contracts and the other is the u.s. department
-- one offers contracts and the other is the u.s. department of commerce. >> has the stock been decreasing? >> like a lot of technology companies, we were one of the highfliers in the early 2000's and suffered from the dotcom novel. -- bubble. as the internet grows and e commerce grows, we are beneficiaries of that. >> where was the company started? >> it was started in silicon valley in mountainview. it was primarily a security company at that point. it has grown in a lot of different ways over the years into different services and opportunities. but we primarily run .coms and
.nets. >> why did you move to the east coast? >> there is a company reason and a personal reason. we recently sold a portion of the company. we re-headquartered recently back to virginia. >> water some of the policy issues that confront you? >> there are a host of them that they can fall into a number of categories. internationalists asian of domain names, site security -- internationalization of domain names, site security, all of those issues are important to us. >> also joining us is the senior
writer for government computer news. >> verisign is up this in more and the infrastructure side than the security where you started. what is your role in ensuring the overall availability of the internet? >> that is very important to us. at the end of the day, if our domains were not operating over a large portion of the internet they would degrade. that is why we believe in providing availability and security. >> you mentioned the next generation of internet protocols, the adoption of which is being forced upon us eventually. how important is it to begin
implementing ipv6 with the networks, and what are the forces that are driving us to destruction? >> there is another reason other than the depletion of space. there is a chicken and egg aspect. it can be a fairly expensive endeavor from the network perspective and application perspective do have to be adopted. i think reason things like the government mandating it in certain cases or the stimulus and the impetus that we need to get people to duo it. networks say why should i do that, no application will say it? application say the network will not accept it.
>> could you explain before we go any further what ipv6 is? >> it is an internet addressing space. everyone using the computer is assigned a unique address so they can be found on the network. if you think about all of the devices out there, plus everything that may be coming on line in the future, you have to have enough unique numbers to identify everyone, and ipv4 tops out at four-5 billion. it sounds like a lot, but when you realize how many mobile phones there will be in just a few years, it actually runs out pretty fast. it is an exponentially larger
addressing space that is available. >> so when someone types in c- span.org, what does the computer do? to at translates it number. that number then identifies the server where the information about c-span can be found. that is what we do, by the way. we translate those words to those numbers as a directory then tell the requesting computer, you should go here. >> switching to ipv6 adds more numbers that the computer will have to translate to? >> that number is just one endpoint. as more and more devices become yourters, mobile funphones,
grid to read your energy at your house, they all will need a number. >> so important is it to people, to users out in the real world, the ipv4 depletion? we are starting to pay a lot of attention to the fact we have 12-80 months before the addresses are gone. does that -- 12-18 months before the addresses are gone. does that mean anything to us? >> hopefully it will not mean anything, because of all of the application and infrastructure providers are doing their jobs, it will go unnoticed. if that does not happen, it is possible that certain things will not work because you may ipv6 network talking to an ipv4 application.
hopefully that will not happen. >> you talked about translating names like c-span.org into an address. can you explain to us what the dns security extensions are the you mentioned briefly earlier? >> it is the important security implementation at the very core of the internet. when a dns record is looked up, it is possible that somewhere along the handoff that the wrong address can be implemented into the translation. those are attacks. man in the middle of a tax. those are cyber security issues. you could be redirected to a row beside the bed looks a lot like what you thought you were going to -- to a rogue site that looks
a lot like what you thought you were going to. what dns does is digitally signed the request so that all through the handoffs it can be verified from an authenticity standpoint that it originated from this party and no one has jumped in the middle. >> are these particles that your company has developed or did you do it in -- are these protocols that your company has developed or did you do it in partnership with the government? >> we of work on nevertheless 10 years. the implementation occurred recently. it is an effort between our company, the u.s. department of commerce and a whole host of other companies. if you think of the domain name
system as a tree or a hierarchy, you have to implement the security measures and then they flow down. >> what is the status at this of implementation throughout the hierarchy, and how long before we start seeing practical advantages to it? >> we will sign .net this year. we will sign .com next year. other registry providers have already done this. we will see over the course of next year, lots of network and
application providers recognizing dns. these sorts of things take years to propagate, but they are worth the wait. >> what is the complexity? why did it take so long to do something that sounds like a no- brainer. it is a good idea and should be simple, you just apply digital signature. why the length of time that it takes to propagate throughout the system? >> two things primarily. one is standards. getting the right standards to be recognized on an international basis. that takes time because everybody has to buy into what the standard is and there is a lot of work involved. the second is the actual implementation or acceptability, takes a long time. we invited a lot of application providers to come into the lab to enable their applications in an environment that would allow
them to see if it would break, for example. we worked a lot of bugs out of the system. the last reason is just a load. your digitally signing the domain requests. it is a bigger load on the system. the entire infrastructure has to be built up and invested in in order to handle the increased load. >> you talk about the weather being international. the referred it to everybody -- about the web being international. you referred to everybody. peru is everybody? to is in charge? is it -- who is everybody? who is in charge? is it the people?
is it the government? >> obviously, there is a lot of sovereignty involved. every country has their own infrastructure. the trick is to get everybody to work together. the power of the internet, as you know, is the network of networks. >> what the u.s. decided they did not one another person to participate? >> that is a bad scenario. as soon as you break down the internet, the utility declined dramatically. that would be a bad result. >> what would happen if you disagree with the u.s. government policy? do not think that would happen. >> given the fantastic growth of is secure enough
for the role that we have given it? >> there has been a lot of attention to this, rightfully. the underlying infrastructure itself has a security that is questionable. there is a lot of attention rightly put on this. the national security grid, perhaps today utility grid, the communications grid, it is fragile. we constantly take a view of 5- 10 years of what the load is going to look like and what the attacks could look like to try to plan a well in advance. we involved private companies
and international companies as well to do that. >> one of the advantages of ipv6 is that it has extra security but at the samet, time, shifting one protocol to another or enabling both on the network at the same time, has got to add some confusion are some vulnerabilities to the system. what are the implications of moving to ipv6? >> i think it is primarily what you stated. whenever you have more than one protocol being dominant at any one time, you create an opportunity for people to exploit this. that could be malicious or not malicious, but it looks like an attack.
the sooner you can get the injured-opera ability -- inner- operability taken care of, the sooner your saved. >> does verisign have a position on this whole issue of regulation versus innovation on the internet which has come out in net neutrality? net neutrality is the poster child for this. where does your company stand on the neutrality? >> the issue is important, and i think the basic idea of will you be intimidated to innovate on the applications side versus people who can innovate at the band with provisioning level.
from our perspective, our hope is that a resolution can be reached on this. we understand both the point on this. we have been very fortunate everybody understands the importance of the dns and we have not really been caught up in the two camps. our hope is that policy makers will continue to listen to both sides and that innovation will come out at the end of the day. i do not mean that for one side. >> do you keep an eye on spectrum management? >> know. no. >> what about at the fcc? what issues do you face theire? >> bair more involved in the
telecommunications issues -- they are more involved in telecommunications issues. that is not really something we are interested in. we follow net neutrality. ipv6 issues, we follow that. most of the sec focus is in an area that is not directly relevant to our -- fcc focuses in an area that is not directly relevant to our company. >> what about congress? >> we tend to pay attention to things that matter to the internet. congress has, on balance, done a very good job of managing this private public partnership that has created internet from a regulatory standpoint. >> you mentioned that you work very closely with the government on security issues and trying to predict what kind of needs you are going to have in the future.
how close and have adequate is this public-private partnership which, it seems like for the last 10 years everyone has been saying that is the key for securing and managing the internet, and 10 years later we are still saying, that is the key, we have to do this one day. what is the level of cooperation between private industry and government, and managing this huge infrastructure? >> i think it is the key. [laughter] that is because most of the internet today exists in the private realm as opposed to the public sector realms. we have to all work together at the end of the day because that is just the way this is. being able to work on the issues and resolve those is very important. you're not going to have resilient infrastructure unless the parties can work together.
i think our relationship with the department of colleges is a good example. that is something that worked very well over the course of time. it was an important thing at the core. another thing it is de dhs cyber exercise. there are a lot of people involved in that. it is basically simulating possible attacks on the network and what everybody can do to increase the resiliency and decrease the down time for that. i think people are working very well together. it is always going to be a mash between public and private and we have to work together. >> what is your role when it comes to privacy? >> i believe and privacy. i believe everybody doesn't the
end of the day. at our level -- i believe everybody does at the end of the day. at our level, we do not see that sort of data, so it has not been an issue for us as a company. >> what do you see happening in the threat landscaper over the next five years? how would you describe what the next five years is going to look like? >> it will be interesting and scary in some regards. the more applications and devices that come onto the internet, it is not an overstatement to say that every single device has a lot of utility and is also a possible threat. it brings with the possible
innoxious code -- with it a possibly noxious code. we spend a lot of time trying to be ahead of that. >> what are your revenues and employment? >> we have about 1000 people in the company today and do about $650 million in revenue. >> how many are computer scientists? >> we all like to think of ourselves as technologists. about 400-500 of those people are running the network. >> are you finding that the training they are getting in high school, college, etc. is adequate for your needs? >> some of it has to do with geography and where you are hiring. we have been able to work with a lot of universities and colleges for developing a search of
skills in school. >> you have a law degree from seattle university school of law. you have a bachelor's degree from west point. how did you get involved in this work? >> blog did not worked out. -- law did not worked out. i was practicing technology lot and got involved with companies in silicon valley and decided i would rather be on their side. >> wasn't there something about you having a helicopter accident? >> i went to west point with the eassumption that i would be a career military officer. that was cut short by an accident in a helicopter which seemed like a very bad thing at the time, but in hindsight, opened a lot of doors.
>> what are the changes u.s. seen in the internet or the biggest surprise in changes -- you have seen in the internet or the biggest surprise? >> that would be the rate of adoption. we look at cycles of adoption. how long did it take for the television to be in so many homes, or the telephone? that cycle of adoption is so compressed that it is now measured in single digit years. apple just had its 10 billion for downloading from itunes. went from 0 to millions in a period of two-five years.
>> another issue that the fcc has been involved in is making broadband connectivity more available. does the united states have adequate connectivity at this point? given the rate of adoption, does everyone have the band with that they should have? >> i think everyone should have the internet because it allows a richer experience and more educational opportunities. since we do not have 100% penetration, i think there is an opportunity to grow there. compared to the rest of the world, we do pretty well. there are now two billion internet users, but only 0.1% of them have broadband. when you talk about the future
of the internet, it sounds like the future is still out there. we have not seen it yet? . we have you wireless as another computing device -- a view wireless as another computing device. it helps us grow the business of e commerce. the bad news is that creates a tremendous load, particularly when machines start talking to machines. traditionally is a human talking to a machine. now you are seeing machines talking to machines without human intervention. that creates an exponential amount of work that has to be done behind the scenes. >> and the security issues? >> with every one of those, they go up exponentially as well. >> thank you for being here.
>> thank you. >> thank you. >> tonight, live from denver, colorado senate debate. coverage begins at 8:00 p.m. eastern on c-span. >> richard clarke is the former national security cornyn for -- coordinator against terrorism. he spoke to the american bar association's standing committee on law and national security on the issue of cyber security. this is about 50 minutes. >> good afternoon. let me welcome you to the let me welcome you to the army/navy